ID

VAR-201601-0674


TITLE

Fortigate firewall has SSH authentication backdoor vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-00170

DESCRIPTION

FortiGate is a network firewall product from Fortinet, used to defend against network and malicious-code attacks at the network layer and the content layer. The FortiGate firewall has an SSH authentication backdoor vulnerability. Because the password of the Fortimanager_Access user is generated by a relatively simple algorithm, an attacker who analyzes and cracks it can authenticate directly with the highest (root) privileges and then control the firewall device. The attacker can subsequently use the firewall as a springboard to penetrate the internal network and perform operations such as information sniffing and data interception.

Trust: 0.72

sources: CNVD: CNVD-2016-00170 // IVD: 47d1de3a-1e6d-11e6-8415-000c29c12f8f

IOT TAXONOMY

category: ['ICS'], sub_category: -

Trust: 0.8

sources: IVD: 47d1de3a-1e6d-11e6-8415-000c29c12f8f // CNVD: CNVD-2016-00170

AFFECTED PRODUCTS

vendor: fortigate, model: fortios, scope: eq, version: 5.0.0-5.0.7

Trust: 0.8

vendor: fortigate, model: fortios, scope: eq, version: 4.3.0-4.3.16

Trust: 0.6

vendor: fortigate, model: fortios, scope: eq, version: 4.3.0-4.3.16*

Trust: 0.2

sources: IVD: 47d1de3a-1e6d-11e6-8415-000c29c12f8f // CNVD: CNVD-2016-00170

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2016-00170
value: HIGH

Trust: 0.6

IVD: 47d1de3a-1e6d-11e6-8415-000c29c12f8f
value: HIGH

Trust: 0.2

CNVD: CNVD-2016-00170
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 47d1de3a-1e6d-11e6-8415-000c29c12f8f
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: 47d1de3a-1e6d-11e6-8415-000c29c12f8f // CNVD: CNVD-2016-00170

TYPE

back door

Trust: 0.2

sources: IVD: 47d1de3a-1e6d-11e6-8415-000c29c12f8f

PATCH

title: Patch for Fortigate firewall has SSH authentication backdoor vulnerability
url: https://www.cnvd.org.cn/patchinfo/show/69924

Trust: 0.6

sources: CNVD: CNVD-2016-00170

EXTERNAL IDS

db: CNVD, id: CNVD-2016-00170

Trust: 0.8

db: IVD, id: 47D1DE3A-1E6D-11E6-8415-000C29C12F8F

Trust: 0.2

sources: IVD: 47d1de3a-1e6d-11e6-8415-000c29c12f8f // CNVD: CNVD-2016-00170

REFERENCES

url: http://seclists.org/fulldisclosure/2016/jan/26

Trust: 0.6

url: http://www.fortiguard.com/advisory/fortios-ssh-undocumented-interactive-login-vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-00170

SOURCES

db: IVD, id: 47d1de3a-1e6d-11e6-8415-000c29c12f8f
db: CNVD, id: CNVD-2016-00170

LAST UPDATE DATE

2022-05-17T02:09:47.741000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2016-00170, date: 2020-03-10T00:00:00

SOURCES RELEASE DATE

db: IVD, id: 47d1de3a-1e6d-11e6-8415-000c29c12f8f, date: 2016-01-13T00:00:00
db: CNVD, id: CNVD-2016-00170, date: 2016-01-13T00:00:00